
Example 1 with PROP_GROUP_MEMBER_ATTRIBUTE

use of org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE in project nifi by apache.

the class LdapUserGroupProviderTest method testSearchGroupsWithNoNameAndUserIdentityUidAttribute.

/**
 * Searches groups only: the user search base is passed as {@code null}, group members are read
 * from the {@code member} attribute and user identities from {@code uid}.
 *
 * <p>No group name attribute is stubbed in this test, and the admins group is looked up under
 * the name {@code cn=admins,ou=groups,o=nifi}. Four groups are expected in total, and exactly
 * one member of the admins group must resolve to the identity {@code user1}.
 */
@Test
public void testSearchGroupsWithNoNameAndUserIdentityUidAttribute() throws Exception {
    final AuthorizerConfigurationContext context = getBaseConfiguration(null, GROUP_SEARCH_BASE);
    when(context.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("member", null));
    when(context.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue("uid", null));
    ldapUserGroupProvider.onConfigured(context);

    final Set<Group> groups = ldapUserGroupProvider.getGroups();
    assertEquals(4, groups.size());

    // First group whose name matches; stays null when none does.
    Group admins = null;
    for (final Group candidate : groups) {
        if ("cn=admins,ou=groups,o=nifi".equals(candidate.getName())) {
            admins = candidate;
            break;
        }
    }
    assertNotNull(admins);

    // NOTE(review): only non-emptiness is asserted, so an unexpected extra member of the
    // admins group would not fail this test. The exact size is not pinned here.
    assertFalse(admins.getUsers().isEmpty());

    final long user1Matches = admins.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity))
            .count();
    assertEquals(1, user1Matches);
}
Also used : CreateTransport(org.apache.directory.server.annotations.CreateTransport) PROP_GROUP_NAME_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_NAME_ATTRIBUTE) PROP_SYNC_INTERVAL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_SYNC_INTERVAL) PROP_USER_IDENTITY_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_IDENTITY_ATTRIBUTE) PROP_USER_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_FILTER) CreateLdapServer(org.apache.directory.server.annotations.CreateLdapServer) CreatePartition(org.apache.directory.server.core.annotations.CreatePartition) PROP_MANAGER_PASSWORD(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_PASSWORD) PROP_GROUP_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_BASE) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE) PROP_AUTHENTICATION_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY) Set(java.util.Set) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) PROP_GROUP_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_OBJECT_CLASS) UserAndGroups(org.apache.nifi.authorization.UserAndGroups) PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE) Assert.assertFalse(org.junit.Assert.assertFalse) PROP_CONNECT_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT) PROP_GROUP_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_SCOPE) Mockito.mock(org.mockito.Mockito.mock) UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext) 
PROP_USER_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_BASE) RunWith(org.junit.runner.RunWith) CreateDS(org.apache.directory.server.core.annotations.CreateDS) Group(org.apache.nifi.authorization.Group) PROP_PAGE_SIZE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_PAGE_SIZE) PROP_REFERRAL_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_REFERRAL_STRATEGY) PROP_USER_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_OBJECT_CLASS) Matchers.anyString(org.mockito.Matchers.anyString) ApplyLdifFiles(org.apache.directory.server.core.annotations.ApplyLdifFiles) PROP_USER_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_ATTRIBUTE) FrameworkRunner(org.apache.directory.server.core.integ.FrameworkRunner) PROP_READ_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_READ_TIMEOUT) Before(org.junit.Before) PROP_USER_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_SCOPE) PROP_GROUP_MEMBER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) Properties(java.util.Properties) PROP_URL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_URL) Assert.assertNotNull(org.junit.Assert.assertNotNull) PROP_MANAGER_DN(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_DN) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Mockito(org.mockito.Mockito) ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy) NiFiProperties(org.apache.nifi.util.NiFiProperties) AbstractLdapTestUnit(org.apache.directory.server.core.integ.AbstractLdapTestUnit) LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy) PROP_GROUP_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_FILTER) 
Assert.assertEquals(org.junit.Assert.assertEquals) Group(org.apache.nifi.authorization.Group) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 2 with PROP_GROUP_MEMBER_ATTRIBUTE

use of org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE in project nifi by apache.

the class LdapUserGroupProviderTest method testReferencedUserUsingReferencedAttribute.

/**
 * Resolves group members through a referenced user attribute rather than the member value itself.
 *
 * <p>The search bases are {@code ou=users-2,o=nifi} and {@code ou=groups-2,o=nifi}. The user
 * identity comes from {@code sn}, while members are matched to users through {@code uid}.
 * Exactly one group, {@code team3}, is expected, holding exactly one user whose identity is
 * {@code User9}.
 */
@Test
public void testReferencedUserUsingReferencedAttribute() throws Exception {
    final AuthorizerConfigurationContext context = getBaseConfiguration("ou=users-2,o=nifi", "ou=groups-2,o=nifi");
    when(context.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue("sn", null));
    // The group object class is "room"; the original author attributes this to the
    // requirements of groupOfNames.
    when(context.getProperty(PROP_GROUP_OBJECT_CLASS)).thenReturn(new StandardPropertyValue("room", null));
    // "description" stands in for the member attribute.
    when(context.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("description", null));
    when(context.getProperty(PROP_GROUP_NAME_ATTRIBUTE)).thenReturn(new StandardPropertyValue("cn", null));
    // The referenced user attribute is deliberately different from the identity attribute ("sn").
    when(context.getProperty(PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("uid", null));
    ldapUserGroupProvider.onConfigured(context);

    final Set<Group> groups = ldapUserGroupProvider.getGroups();
    assertEquals(1, groups.size());

    // First group whose name matches; stays null when none does.
    Group team3 = null;
    for (final Group candidate : groups) {
        if ("team3".equals(candidate.getName())) {
            team3 = candidate;
            break;
        }
    }
    assertNotNull(team3);

    // Size and identity are both pinned, so the membership is checked exactly.
    assertEquals(1, team3.getUsers().size());
    final long user9Matches = team3.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "User9".equals(identity))
            .count();
    assertEquals(1, user9Matches);
}
Also used : CreateTransport(org.apache.directory.server.annotations.CreateTransport) PROP_GROUP_NAME_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_NAME_ATTRIBUTE) PROP_SYNC_INTERVAL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_SYNC_INTERVAL) PROP_USER_IDENTITY_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_IDENTITY_ATTRIBUTE) PROP_USER_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_FILTER) CreateLdapServer(org.apache.directory.server.annotations.CreateLdapServer) CreatePartition(org.apache.directory.server.core.annotations.CreatePartition) PROP_MANAGER_PASSWORD(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_PASSWORD) PROP_GROUP_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_BASE) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE) PROP_AUTHENTICATION_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY) Set(java.util.Set) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) PROP_GROUP_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_OBJECT_CLASS) UserAndGroups(org.apache.nifi.authorization.UserAndGroups) PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE) Assert.assertFalse(org.junit.Assert.assertFalse) PROP_CONNECT_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT) PROP_GROUP_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_SCOPE) Mockito.mock(org.mockito.Mockito.mock) UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext) 
PROP_USER_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_BASE) RunWith(org.junit.runner.RunWith) CreateDS(org.apache.directory.server.core.annotations.CreateDS) Group(org.apache.nifi.authorization.Group) PROP_PAGE_SIZE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_PAGE_SIZE) PROP_REFERRAL_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_REFERRAL_STRATEGY) PROP_USER_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_OBJECT_CLASS) Matchers.anyString(org.mockito.Matchers.anyString) ApplyLdifFiles(org.apache.directory.server.core.annotations.ApplyLdifFiles) PROP_USER_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_ATTRIBUTE) FrameworkRunner(org.apache.directory.server.core.integ.FrameworkRunner) PROP_READ_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_READ_TIMEOUT) Before(org.junit.Before) PROP_USER_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_SCOPE) PROP_GROUP_MEMBER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) Properties(java.util.Properties) PROP_URL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_URL) Assert.assertNotNull(org.junit.Assert.assertNotNull) PROP_MANAGER_DN(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_DN) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Mockito(org.mockito.Mockito) ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy) NiFiProperties(org.apache.nifi.util.NiFiProperties) AbstractLdapTestUnit(org.apache.directory.server.core.integ.AbstractLdapTestUnit) LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy) PROP_GROUP_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_FILTER) 
Assert.assertEquals(org.junit.Assert.assertEquals) Group(org.apache.nifi.authorization.Group) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 3 with PROP_GROUP_MEMBER_ATTRIBUTE

use of org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE in project nifi by apache.

the class LdapUserGroupProviderTest method testSearchUsersAndGroupsMembershipThroughUsersAndGroups.

/**
 * Searches users and groups with membership configured on both sides: the user group attribute
 * ({@code description}, standing in for memberof) and the group member attribute ({@code member}).
 *
 * <p>Expects 8 users and 4 groups. Each group's size and member identities are pinned:
 * admins = user1, user3; read-only = user2; team1 = user1, user4, user5;
 * team2 = user1, user6, user7.
 */
@Test
public void testSearchUsersAndGroupsMembershipThroughUsersAndGroups() throws Exception {
    final AuthorizerConfigurationContext context = getBaseConfiguration(USER_SEARCH_BASE, GROUP_SEARCH_BASE);
    when(context.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue("uid", null));
    // "description" stands in for memberof on the user entries.
    when(context.getProperty(PROP_USER_GROUP_ATTRIBUTE)).thenReturn(new StandardPropertyValue("description", null));
    when(context.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("member", null));
    when(context.getProperty(PROP_GROUP_NAME_ATTRIBUTE)).thenReturn(new StandardPropertyValue("cn", null));
    ldapUserGroupProvider.onConfigured(context);

    assertEquals(8, ldapUserGroupProvider.getUsers().size());
    final Set<Group> groups = ldapUserGroupProvider.getGroups();
    assertEquals(4, groups.size());

    // Single pass over the groups; for each name the first matching group is kept.
    Group admins = null;
    Group readOnly = null;
    Group team1 = null;
    Group team2 = null;
    for (final Group candidate : groups) {
        final String name = candidate.getName();
        if (admins == null && "admins".equals(name)) {
            admins = candidate;
        } else if (readOnly == null && "read-only".equals(name)) {
            readOnly = candidate;
        } else if (team1 == null && "team1".equals(name)) {
            team1 = candidate;
        } else if (team2 == null && "team2".equals(name)) {
            team2 = candidate;
        }
    }

    assertNotNull(admins);
    assertEquals(2, admins.getUsers().size());
    final long adminMatches = admins.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity) || "user3".equals(identity))
            .count();
    assertEquals(2, adminMatches);

    assertNotNull(readOnly);
    assertEquals(1, readOnly.getUsers().size());
    final long readOnlyMatches = readOnly.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user2".equals(identity))
            .count();
    assertEquals(1, readOnlyMatches);

    assertNotNull(team1);
    assertEquals(3, team1.getUsers().size());
    final long team1Matches = team1.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity) || "user4".equals(identity) || "user5".equals(identity))
            .count();
    assertEquals(3, team1Matches);

    assertNotNull(team2);
    assertEquals(3, team2.getUsers().size());
    final long team2Matches = team2.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity) || "user6".equals(identity) || "user7".equals(identity))
            .count();
    assertEquals(3, team2Matches);
}
Also used : CreateTransport(org.apache.directory.server.annotations.CreateTransport) PROP_GROUP_NAME_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_NAME_ATTRIBUTE) PROP_SYNC_INTERVAL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_SYNC_INTERVAL) PROP_USER_IDENTITY_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_IDENTITY_ATTRIBUTE) PROP_USER_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_FILTER) CreateLdapServer(org.apache.directory.server.annotations.CreateLdapServer) CreatePartition(org.apache.directory.server.core.annotations.CreatePartition) PROP_MANAGER_PASSWORD(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_PASSWORD) PROP_GROUP_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_BASE) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE) PROP_AUTHENTICATION_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY) Set(java.util.Set) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) PROP_GROUP_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_OBJECT_CLASS) UserAndGroups(org.apache.nifi.authorization.UserAndGroups) PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE) Assert.assertFalse(org.junit.Assert.assertFalse) PROP_CONNECT_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT) PROP_GROUP_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_SCOPE) Mockito.mock(org.mockito.Mockito.mock) UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext) 
PROP_USER_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_BASE) RunWith(org.junit.runner.RunWith) CreateDS(org.apache.directory.server.core.annotations.CreateDS) Group(org.apache.nifi.authorization.Group) PROP_PAGE_SIZE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_PAGE_SIZE) PROP_REFERRAL_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_REFERRAL_STRATEGY) PROP_USER_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_OBJECT_CLASS) Matchers.anyString(org.mockito.Matchers.anyString) ApplyLdifFiles(org.apache.directory.server.core.annotations.ApplyLdifFiles) PROP_USER_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_ATTRIBUTE) FrameworkRunner(org.apache.directory.server.core.integ.FrameworkRunner) PROP_READ_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_READ_TIMEOUT) Before(org.junit.Before) PROP_USER_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_SCOPE) PROP_GROUP_MEMBER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) Properties(java.util.Properties) PROP_URL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_URL) Assert.assertNotNull(org.junit.Assert.assertNotNull) PROP_MANAGER_DN(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_DN) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Mockito(org.mockito.Mockito) ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy) NiFiProperties(org.apache.nifi.util.NiFiProperties) AbstractLdapTestUnit(org.apache.directory.server.core.integ.AbstractLdapTestUnit) LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy) PROP_GROUP_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_FILTER) 
Assert.assertEquals(org.junit.Assert.assertEquals) Group(org.apache.nifi.authorization.Group) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 4 with PROP_GROUP_MEMBER_ATTRIBUTE

use of org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE in project nifi by apache.

the class LdapUserGroupProviderTest method testSearchUsersAndGroupsMembershipThroughGroups.

/**
 * Searches users and groups with membership configured on the group side only: the group
 * member attribute is {@code member} and no user group attribute is stubbed in this test.
 *
 * <p>Expects 8 users and 4 groups. Each group's size and member identities are pinned:
 * admins = user1, user3; read-only = user2; team1 = user1; team2 = user1.
 */
@Test
public void testSearchUsersAndGroupsMembershipThroughGroups() throws Exception {
    final AuthorizerConfigurationContext context = getBaseConfiguration(USER_SEARCH_BASE, GROUP_SEARCH_BASE);
    when(context.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue("uid", null));
    when(context.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("member", null));
    when(context.getProperty(PROP_GROUP_NAME_ATTRIBUTE)).thenReturn(new StandardPropertyValue("cn", null));
    ldapUserGroupProvider.onConfigured(context);

    assertEquals(8, ldapUserGroupProvider.getUsers().size());
    final Set<Group> groups = ldapUserGroupProvider.getGroups();
    assertEquals(4, groups.size());

    // Single pass over the groups; for each name the first matching group is kept.
    Group admins = null;
    Group readOnly = null;
    Group team1 = null;
    Group team2 = null;
    for (final Group candidate : groups) {
        final String name = candidate.getName();
        if (admins == null && "admins".equals(name)) {
            admins = candidate;
        } else if (readOnly == null && "read-only".equals(name)) {
            readOnly = candidate;
        } else if (team1 == null && "team1".equals(name)) {
            team1 = candidate;
        } else if (team2 == null && "team2".equals(name)) {
            team2 = candidate;
        }
    }

    assertNotNull(admins);
    assertEquals(2, admins.getUsers().size());
    final long adminMatches = admins.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity) || "user3".equals(identity))
            .count();
    assertEquals(2, adminMatches);

    assertNotNull(readOnly);
    assertEquals(1, readOnly.getUsers().size());
    final long readOnlyMatches = readOnly.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user2".equals(identity))
            .count();
    assertEquals(1, readOnlyMatches);

    assertNotNull(team1);
    assertEquals(1, team1.getUsers().size());
    final long team1Matches = team1.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity))
            .count();
    assertEquals(1, team1Matches);

    assertNotNull(team2);
    assertEquals(1, team2.getUsers().size());
    final long team2Matches = team2.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "user1".equals(identity))
            .count();
    assertEquals(1, team2Matches);
}
Also used : CreateTransport(org.apache.directory.server.annotations.CreateTransport) PROP_GROUP_NAME_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_NAME_ATTRIBUTE) PROP_SYNC_INTERVAL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_SYNC_INTERVAL) PROP_USER_IDENTITY_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_IDENTITY_ATTRIBUTE) PROP_USER_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_FILTER) CreateLdapServer(org.apache.directory.server.annotations.CreateLdapServer) CreatePartition(org.apache.directory.server.core.annotations.CreatePartition) PROP_MANAGER_PASSWORD(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_PASSWORD) PROP_GROUP_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_BASE) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE) PROP_AUTHENTICATION_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY) Set(java.util.Set) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) PROP_GROUP_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_OBJECT_CLASS) UserAndGroups(org.apache.nifi.authorization.UserAndGroups) PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE) Assert.assertFalse(org.junit.Assert.assertFalse) PROP_CONNECT_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT) PROP_GROUP_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_SCOPE) Mockito.mock(org.mockito.Mockito.mock) UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext) 
PROP_USER_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_BASE) RunWith(org.junit.runner.RunWith) CreateDS(org.apache.directory.server.core.annotations.CreateDS) Group(org.apache.nifi.authorization.Group) PROP_PAGE_SIZE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_PAGE_SIZE) PROP_REFERRAL_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_REFERRAL_STRATEGY) PROP_USER_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_OBJECT_CLASS) Matchers.anyString(org.mockito.Matchers.anyString) ApplyLdifFiles(org.apache.directory.server.core.annotations.ApplyLdifFiles) PROP_USER_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_ATTRIBUTE) FrameworkRunner(org.apache.directory.server.core.integ.FrameworkRunner) PROP_READ_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_READ_TIMEOUT) Before(org.junit.Before) PROP_USER_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_SCOPE) PROP_GROUP_MEMBER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) Properties(java.util.Properties) PROP_URL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_URL) Assert.assertNotNull(org.junit.Assert.assertNotNull) PROP_MANAGER_DN(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_DN) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Mockito(org.mockito.Mockito) ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy) NiFiProperties(org.apache.nifi.util.NiFiProperties) AbstractLdapTestUnit(org.apache.directory.server.core.integ.AbstractLdapTestUnit) LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy) PROP_GROUP_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_FILTER) 
Assert.assertEquals(org.junit.Assert.assertEquals) Group(org.apache.nifi.authorization.Group) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 5 with PROP_GROUP_MEMBER_ATTRIBUTE

use of org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE in project nifi by apache.

the class LdapUserGroupProviderTest method testSearchGroupsWithNameAndUserIdentityCnAttribute.

/**
 * Searches groups only: the user search base is passed as {@code null}, and both the group name
 * and the user identity are read from {@code cn}.
 *
 * <p>Four groups are expected. The admins group is looked up under the name {@code admins},
 * and exactly one of its members must resolve to the identity {@code User 1}.
 */
@Test
public void testSearchGroupsWithNameAndUserIdentityCnAttribute() throws Exception {
    final AuthorizerConfigurationContext context = getBaseConfiguration(null, GROUP_SEARCH_BASE);
    when(context.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("member", null));
    when(context.getProperty(PROP_GROUP_NAME_ATTRIBUTE)).thenReturn(new StandardPropertyValue("cn", null));
    when(context.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue("cn", null));
    ldapUserGroupProvider.onConfigured(context);

    final Set<Group> groups = ldapUserGroupProvider.getGroups();
    assertEquals(4, groups.size());

    // First group whose name matches; stays null when none does.
    Group admins = null;
    for (final Group candidate : groups) {
        if ("admins".equals(candidate.getName())) {
            admins = candidate;
            break;
        }
    }
    assertNotNull(admins);

    // NOTE(review): only non-emptiness is asserted, so an unexpected extra member of the
    // admins group would not fail this test. The exact size is not pinned here.
    assertFalse(admins.getUsers().isEmpty());

    final long user1Matches = admins.getUsers().stream()
            .map(id -> ldapUserGroupProvider.getUser(id))
            .map(user -> user.getIdentity())
            .filter(identity -> "User 1".equals(identity))
            .count();
    assertEquals(1, user1Matches);
}
Also used : CreateTransport(org.apache.directory.server.annotations.CreateTransport) PROP_GROUP_NAME_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_NAME_ATTRIBUTE) PROP_SYNC_INTERVAL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_SYNC_INTERVAL) PROP_USER_IDENTITY_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_IDENTITY_ATTRIBUTE) PROP_USER_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_FILTER) CreateLdapServer(org.apache.directory.server.annotations.CreateLdapServer) CreatePartition(org.apache.directory.server.core.annotations.CreatePartition) PROP_MANAGER_PASSWORD(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_PASSWORD) PROP_GROUP_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_BASE) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE) PROP_AUTHENTICATION_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY) Set(java.util.Set) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) PROP_GROUP_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_OBJECT_CLASS) UserAndGroups(org.apache.nifi.authorization.UserAndGroups) PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE) Assert.assertFalse(org.junit.Assert.assertFalse) PROP_CONNECT_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT) PROP_GROUP_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_SCOPE) Mockito.mock(org.mockito.Mockito.mock) UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext) 
PROP_USER_SEARCH_BASE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_BASE) RunWith(org.junit.runner.RunWith) CreateDS(org.apache.directory.server.core.annotations.CreateDS) Group(org.apache.nifi.authorization.Group) PROP_PAGE_SIZE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_PAGE_SIZE) PROP_REFERRAL_STRATEGY(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_REFERRAL_STRATEGY) PROP_USER_OBJECT_CLASS(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_OBJECT_CLASS) Matchers.anyString(org.mockito.Matchers.anyString) ApplyLdifFiles(org.apache.directory.server.core.annotations.ApplyLdifFiles) PROP_USER_GROUP_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_ATTRIBUTE) FrameworkRunner(org.apache.directory.server.core.integ.FrameworkRunner) PROP_READ_TIMEOUT(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_READ_TIMEOUT) Before(org.junit.Before) PROP_USER_SEARCH_SCOPE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_SCOPE) PROP_GROUP_MEMBER_ATTRIBUTE(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) Properties(java.util.Properties) PROP_URL(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_URL) Assert.assertNotNull(org.junit.Assert.assertNotNull) PROP_MANAGER_DN(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_DN) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Mockito(org.mockito.Mockito) ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy) NiFiProperties(org.apache.nifi.util.NiFiProperties) AbstractLdapTestUnit(org.apache.directory.server.core.integ.AbstractLdapTestUnit) LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy) PROP_GROUP_SEARCH_FILTER(org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_FILTER) 
Assert.assertEquals(org.junit.Assert.assertEquals) Group(org.apache.nifi.authorization.Group) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Aggregations

Properties (java.util.Properties)6 Set (java.util.Set)6 CreateLdapServer (org.apache.directory.server.annotations.CreateLdapServer)6 CreateTransport (org.apache.directory.server.annotations.CreateTransport)6 ApplyLdifFiles (org.apache.directory.server.core.annotations.ApplyLdifFiles)6 CreateDS (org.apache.directory.server.core.annotations.CreateDS)6 CreatePartition (org.apache.directory.server.core.annotations.CreatePartition)6 AbstractLdapTestUnit (org.apache.directory.server.core.integ.AbstractLdapTestUnit)6 FrameworkRunner (org.apache.directory.server.core.integ.FrameworkRunner)6 StandardPropertyValue (org.apache.nifi.attribute.expression.language.StandardPropertyValue)6 AuthorizerConfigurationContext (org.apache.nifi.authorization.AuthorizerConfigurationContext)6 Group (org.apache.nifi.authorization.Group)6 UserAndGroups (org.apache.nifi.authorization.UserAndGroups)6 UserGroupProviderInitializationContext (org.apache.nifi.authorization.UserGroupProviderInitializationContext)6 AuthorizerCreationException (org.apache.nifi.authorization.exception.AuthorizerCreationException)6 LdapAuthenticationStrategy (org.apache.nifi.ldap.LdapAuthenticationStrategy)6 ReferralStrategy (org.apache.nifi.ldap.ReferralStrategy)6 PROP_AUTHENTICATION_STRATEGY (org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY)6 PROP_CONNECT_TIMEOUT (org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT)6 PROP_GROUP_MEMBER_ATTRIBUTE (org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE)6